glizzyguzzler

glizzyguzzler , 1 day ago

Old AMD cards can be flashed with any BIOS that says anything. Maybe the card was used for a scam and flashed to say it’s an RTX 2070, it should have a switch to go to its 2nd BIOS near the top left (when slotted in). And if it doesn’t, you can just get its original BIOS off of Techpowerup’s database and flash it with atiflash, also from Techpowerup.

https://lemmy.blahaj.zone/pictrs/image/437101df-101a-4865-8baf-842748326850.webp

Picture stolen from some Reddit help thread for a red dragon RX 580.

This is assuming that Linux is reading what the card claims it is correctly. Which seems likely, since reading device IDs is a really important feature that probably works nearly perfectly.

glizzyguzzler , 11 hours ago

It looks like regular PSUs are isolated from the mains ground with a transformer. That means that two PSUs’ DC grounds will not be connected. That will likely cause problems for you, as they’ll have to back flow current in places that do NOT expect back flow current to account for the voltage differences between the two ground potentials. Hence it might damage the GPU which is going be the mediator between these two PSUs - and maybe the mobo if everything goes to shit.

Now I am not saying this will be safe, but you may avoid that issue by tying the grounds of the two PSUs together. You still have the issue where if, say, PSU1’s 12V voltage plane meets PSU2’s 12V voltage plane and they’re inevitably not the same exact voltage, you’ll have back flowing current again which is bad because again nothing is designed for that situation. Kind of like if you pair lithium batteries in parallel that aren’t matched, the higher voltage one will back charge the other and they’ll explode.

glizzyguzzler , 4 days ago

First try an HDMI dummy plug, in case the thing doesn’t dig no screen (classic intel firmware)

Then try Debian + Incus, less Proxmox shims to go wrong. Install Incus via the “zabby” repo mentioned on the incus install page. Search for “LXD” if Incus help/guides aren’t enough for you, they’re the same thing (for now). Providing an ISO in Proxmox is really clunky, and incus smooths that out so nicely. And again, less Proxmox shims to go wronk

glizzyguzzler , 4 days ago

It accomplishes the same thing as Proxmox (VMs and LXC containers, which are “lite VMs” for if you wanted a Linux VM), I recently learnt about it too! It is new, but it was backed by Canonical up until the LXD/Incus split so it’s very solid. Split because Canonical tried to control LXD heavily, so they forked and renamed it Incus.

I just used Incus and it’s very nice, use the profiles to create a profile for “GPU pass through” and “macvlan”, among others you’ll find you want. Then make instances as needed! It was easier for me to use than Proxmox.

glizzyguzzler OP , 11 days ago

;.; I don’t know what this means

glizzyguzzler OP , 11 days ago

Ah gotchya, well docker compose plus the image is pretty necessary for me to easily manage big ass/complicated database-based storage services like paperless or Immich - so I’m locked in!

And I’d still have to specially handle the database for backup even if it wasn’t in a container…

glizzyguzzler OP , 11 days ago

That’s ok for a database that’s running?

Do you use a ZFS backup manager?

glizzyguzzler OP , 11 days ago

As far as I know (unless smarter people know), you need a “long ass backup script” to make your own fun on a set schedule. Autorestic and borgmatic are smooth but don’t seem to have the granularity to deal with it. (Unless smarter people know how to make them do, which I may be fishing for lol)

glizzyguzzler OP , 11 days ago

Love the detail, thanks!!

glizzyguzzler OP , 11 days ago

That’s wild and cool - don’t have that architecture now but… next time

glizzyguzzler OP , 11 days ago

Holy shot thanks for droppin this spell, that’s awesome

glizzyguzzler OP , 11 days ago

So you’re saying you dump on a sched to a <place> and then just let your restic backup pick it up asynchronously?

glizzyguzzler OP , 11 days ago

Thanks for the incantation! Its looking like something like this is gonna be the way to do it

glizzyguzzler OP , 11 days ago

That is nicely expandable with my docker_compose files, thanks for the find!

glizzyguzzler OP , 11 days ago

Not a bad idea for a hybrid thing, especially people seem to say that a running database backup at least some of the time most of the time with no special shutdown/export effort is readable. And the dedupe stats are really impressive

glizzyguzzler OP , 11 days ago

Good to know if I need to just throw the running database into borg/restic there’s a chance it’ll come out ok! Def not a dummy, I only found out databases may not like being backed up while running through someone mentioning it offhandedly

glizzyguzzler OP , 11 days ago

It’s gon b long ass backup script I think!

glizzyguzzler OP , 11 days ago

I’m coming from rsync too, hoping for the same good stuff

glizzyguzzler OP , 10 days ago

Thorough, thanks! I see you and some others are using “asynchronous” backups where the databases backup on a schedule and the backup program does its thing on its own time. That might actually be the best way!

glizzyguzzler OP , 10 days ago

Would you mind pastebin-ing your docker image creator file? I have no experience cooking up my own docker image.

glizzyguzzler OP , 10 days ago

Thanks for taking the time to upload the whole thing!! This is pretty cool because it moves the backup work straight into the container with the db

glizzyguzzler OP , 10 days ago

Dunno how I missed that in borgmatic, and I see autorestic also has “hooks” but with no database-specific examples. So I can build out what would be in a long ass script just in a long ass borgmatic/autorestic yml!

glizzyguzzler OP , 10 days ago

That is straightforward, and if you recovered nextcloud like that it does say something about the robustness!

glizzyguzzler OP , 23 days ago

I see, I’ll check that out and also check out how to ascertain that lol

Does that “similar security” still count if the image is hacked? Since the capability for “real” root is there.

glizzyguzzler OP , 23 days ago

I’ve made it so the host OS doesn’t require root, are you saying I’d need to make the image also do that?

glizzyguzzler OP , 23 days ago

Love the idea, but theoretically with this “macvlan” it will have its own IP address and thus have free reign of all of its ports and not have any conflicts

glizzyguzzler OP , 23 days ago

Huh you’d think macvlans would have an error telling me to kick rocks for trying to use it in a rootless state. I guess that’s why it can’t see anything?

Weird though, like why can’t I make the macvlans network interface as root and then let rootless containers connect to it? If I sudo make the macvlans network thing it lives in the sudo podman zone. Hm

glizzyguzzler OP , 23 days ago

I have tried pre-making the network in podman directly beforehand, but because I want a second docker image binding to port 53 I was under the impression that I had to use macvlans

glizzyguzzler OP , 23 days ago

Thank you for the in-depth explanation!! I’ll keep this in mind as I try to club my way through podman!

glizzyguzzler OP , 17 days ago (edited 17 days ago)

Yea I likely don’t have a full understanding, just getting into this and all. That’s why I decided a hard req was to force the images to run in a non-root context. (I did succeed, prolly)

But the macvlan does have its own IP with the associated ports free and that will let the adguard home image bind 53 while the host can squat on it with dns listener stub or whatever the fuck it does by default. The macvlans is a recommended thing by the Docker adguard home guides to bypass the host or other processes already binding 53, I didn’t cook it up myself.

Anyway, this is the first I’m hearing of traffic or caddy in this context - googling those is not ez pz so it’ll take me a bit to know what you’re implying I should do!

Edit: I’m not gonna understand traffic or caddy beyond the surface level, the main pages are enterprise-focused so I’m not sure how they apply. I’ll have to wait to run into an organic use case (with wordy guide) to truly understand them, I think. (Other than traffic could redirect but it’s called a reverse proxy but I think, at least in this context, that’s a fancy word for redirect. So use it somehow instead of forwarding specific ports?)

glizzyguzzler , 1 month ago

I am reasonably pleased with my TV UI approximation. It’s an old Skylake-era CPU running Windows 10 Enterprise IoT LTSC which lasts until 2032.

I chose windows because Linux is often limited to 720p browser streaming. And I got tired of overcoming hurdles to make the thing work well, forget what they were but damn they sucked and took a lot of time. Burned through a ton of my self-allotted time fixing stuff till I just ripcorded Win 10 Ent IoT LTSC; Linux might go better for you!

Anyway, it’s at 150% desktop scale and I have the task bar auto hide. I have icons for all streaming sites, Freetube, and Jellyfin on the desktop arranged in a grid. It looks reasonably good, they open in Firefox or in their apps. I close the whole window when I’m done (I don’t use the browser’s tabs), which helps with the “TV box” feel of usage.

I have a remote that has some IR functions to turn the TV on and off and change inputs along with gyro mouse control. It’s hella China, just buy one on your relevant China source (Amazon, alibaba, etc.) - there are tons of clones. The light up feature on it makes an audible hum, so that sucks, but I don’t use it and don’t seem to miss it.

Best bonus is it blocks ads on all the streaming services I have (uBlock origin mostly, also AdGuard but I think uBlock Origin does the heavy lifting). And can turn on WireGuard for modern account sharing, going to automate it soon for certain streaming services.

glizzyguzzler , 2 months ago

I followed some guide to put Opnsense on Proxmox. I pass through 2 NICs and set the KVM (using the Proxmox make-a-VM GUI) to be the CPU arch it runs on for that extra speed (but that setting precludes easy transfer to a new box with a different arch). Plenty fast and I run another Linux VM on the same box that does stuff I’d want Opnsense to do (DNS, VPN, etc.).

If I did it again I’d prob do LXD (Incus now), Proxmox has a long startup time and is fiddly to use (to me at least). Looks like Incus can do the same KVM thing, just with less steps and stock Debian.

glizzyguzzler , 5 months ago

GPU encoding uses (relatively) simpler fixed function encoders that do it much faster than the CPU which uses its general purpose transistors to run an encoding algorithm. End result is GPU encoding is speedy at the cost of visual quality per bitrate; the file size is bigger for same visual quality as a CPU encode. Importantly for storing your videos - CPU encoding, while much slower, will get your file size smaller at the same visual quality threshold you desire, so you can save more videos per drive!

glizzyguzzler , 7 months ago (edited 7 months ago)

Ditch it, the Surface Pro 4’s are cursed via shit manufacturing.

Its screen will fail sooner or later flickergate.com . I had one, it started flickering after the “extended” warranty. The display is useless now. Nothing fixes it. At first the flicker stopped if something on the screen moved, so I used this github.com/…/Surface-Pro-Screen-Flicker-Solver to mitigate it. But within a day or two it was worse. I tried a reduced refresh rate, but that did not help by then. It quickly got worse when in use, within minutes after a week of the flickering starting. A used one is just pre-accelerated to its demise.

Replacing the screen - even opening the device - is egregiously dangerous because the screen often cracks when taking it apart. Microsoft abs sucks for making a device that can’t last when it clearly should. (Not to say anything about your specific problems! It sounds like the battery needs to be replaced, but it can run without a battery as far as I know so not sure why it can’t power up with it heavily depleted)

Edit: if you’re going to remove the sceeen, replace the battery and replace the screen with a surface pro 5 screen. They sell them. The batteries get fucked quick cause the heat sink cooks them, so it’s prob the battery causing your problems (mine had shit battery life at its end too)

Here is a blurb from Reddit describing what to get (ifixit apparently sells a surface pro 5 screen as well if you want one degree better than direct China): My advice, if you have a Surface Pro 4 with an Samsung Panel is to replace for an LG Screen from Surface Pro 5/6. You need to buy this LCD cable too for that conversion: M1010537-003

You can check in the device manager which LCD panel you have on your Surface

glizzyguzzler , 7 months ago

Glad yours is usable still! Mine went from fine to unusably flickering within the span of a week, so it set in fast. I babybabied it too hoping to avoid the issue - I guess I just prolonged it till it microsoft wouldn’t fix it anymore. rip fuck this corpo created e waste shit (I use it as a comp strapped to my TV now)

glizzyguzzler , 7 months ago

Yes, it’s recommended to replace the SP4 screen with an SP5 screen - so you can rest easy

glizzyguzzler OP , 8 months ago

Where would I set the subnet mask?

I do not understand how to apply most networking concepts effectively - I only run Opnsense to get a router that has actual software updates, not because I now how to use it (no experience with networking otherwise).

In WireGuard I specify the 10.0.66.XX subnet directly without DHCP. In Opnsense, I’m not sure where to look and searching for it didn’t help illuminate anything obvious.

glizzyguzzler OP , 8 months ago

I don’t see any - but I guess it makes sense, the Opnsense computer isn’t involved by design in local network activity. The Opnsense comp goes to a switch that all other LAN also connect to, and I assume the switch routes so the Opnsense comp connection doesn’t get bottlenecked. I indeed forgot that’s how it worked till now - thanks for the suggestion, helped me internalize a bit more infrastructure at least!

glizzyguzzler OP , 8 months ago (edited 8 months ago)

Who knows indeed, I’m beginning to suspect that it was able to connect via the internet (and that stopped working) and I just never noticed so the VPN was a superfluous extra step.

But I did try in the [Peer] definition setting the allowed IPs to: 10.0.66.10/16 instead of 10.0.66.10/32, which should expand the allowed range to 10.0.69.XXX. Alas, that did not work.

Edit: Also tried assigning the [Peer] to an unused IP in the 10.0.69.XXX range directly, but that made nothing work so not the way either.

glizzyguzzler OP , 8 months ago

Setting the WG [Interface] range to 10.0.66.0/16, along with the [Peer] to 10.0.66.10/16, and the Opnsense DHCP range in Interfaces->LAN to /16 made no connection to the internet or local occur.

This feels like banging rocks together hoping for fire - not for me (but maybe reading stuff for a bit will help, maybe)

glizzyguzzler OP , 8 months ago

I did a wireshark packet capture and found the wake-up packet is on UDP 987. I can only capture broadcasts, not specific stuff it looks like. Source: 10.0.69.69(iOS device IP) Destination: 10.0.69.255 Protocol: UDP Length: 105 Info 57477(or 62764, 62335, 60311 as source ports) -> 987 Len=63 Note the IP of the PS4 is 10.0.69.150

I’m not sure what to do with this, though. Nothing I tried worked (e.g., jamming 987 into the IP tables iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A PREROUTING -p udp --dport 987 -j DNAT --to-destination 10.0.69.150:987; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; iptables -t nat -A POSTROUTING -p udp -d 10.0.69.150 --dport 987 -j SNAT --to-source 10.0.66.10:987 based on serverfault.com/…/how-to-do-the-port-forwarding-f…).

Additionally setting the Wireguard mask to 10.0.66.1/16 makes the WG connection not route successfully, and setting the mask in OpnsenseRouter->Interfaces->[LAN]->(under Static IPv4 configuration section) to 16 did nothing. Oh well, this seems beyond me